Using Joplin as a tool for keeping small medical records

Hi, I am a total newcomer to this forum, and a new user of Joplin also.
I work as a psychologist and I was thinking of using Joplin as a tool for keeping a medical record. So I guess what I am wondering is how "secure" it is to use Joplin with E2EE enabled and set up on my OneDrive? I use Bitwarden as a password manager so I will set a really strong password.

The requirements for the contents in medical records in Sweden are not so demanding when it comes to psychological treatments, so I will not be saving extremely sensitive information, but the authorities have requirements when it comes to privacy - I have to make sure that no one gets access to the records.

There are some companies that sell this service, and what I am looking for is safety and privacy on their level (e.g. Easypractice.net).

Any help would be greatly appreciated!

Kindly,
Henric

One thing to keep in mind is while your data is secure in OneDrive or whatever else you're using to sync, it's not encrypted on your PC. Not sure if this is a blocker for you.

To be safe you should probably encrypt your whole laptop if the data is particularly sensitive (with BitLocker for example), and in that case you don't need to worry about the local data encryption. E2EE should be secure - the few times it's been audited no issue was found, and the lib we use also has no known vulnerabilities.

Thank you so much. Very helpful!
I am not sure if I am on a Windows 10 Pro license. That is the only version that has BitLocker, right? Are there alternatives to that software?
Are there any other options - like protecting the exe-file for Joplin with a password?

Kind regards,
Henric

Otherwise you can use something like VeraCrypt. But in terms of usability Windows BitLocker is much simpler, you enable it and forget it's even there, and a Windows 10 Pro license is not excessive I guess for a business.

There are workarounds to encrypt drives with BitLocker in Windows 10 Home too (see https://superuser.com/questions/1590289/how-to-enable-bitlocker-system-drive-encryption-on-windows-10-home). Another method would be to encrypt a partition or even an external drive on a different computer, and then use it under the Windows 10 Home machine (since accessing BitLocker-protected drives is actually officially supported in Home).

VeraCrypt is great, but it also has a known performance issue (see https://github.com/veracrypt/VeraCrypt/issues/136), which can dramatically reduce I/O performance, especially on fast SSDs. Not that it matters when storing documents and such, but still.
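
As an added example (not part of any post in this thread): since Joplin's E2EE covers only the synced copy, this PowerShell check reports whether the volume holding the local Joplin data is actually protected by BitLocker, including the case where the drive is encrypted but protection is suspended. The profile path is an assumption (the usual desktop default) and `Test-VolumeProtected` is a helper name made up for this example; run it from an elevated prompt.

```powershell
# Added example: is the volume holding Joplin's local data BitLocker-protected?
# Run from an elevated PowerShell prompt.

# Assumption: default Joplin desktop profile location; adjust if yours differs.
$ProfilePath = Join-Path $env:USERPROFILE '.config\joplin-desktop'

# Hypothetical helper: a volume counts as protected only if encryption has
# finished AND protection is not suspended (keys are not exposed in the clear).
function Test-VolumeProtected {
    param([Parameter(Mandatory)] $Volume)
    return ($Volume.VolumeStatus -eq 'FullyEncrypted' -and
            $Volume.ProtectionStatus -eq 'On')
}

if (-not (Test-Path -LiteralPath $ProfilePath)) {
    Write-Warning "Profile folder not found: $ProfilePath"
    return
}
if (-not (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue)) {
    Write-Warning 'BitLocker cmdlets are not available on this system.'
    return
}

# Drive letter of the volume that contains the profile folder.
$Drive = (Get-Item -LiteralPath $ProfilePath).PSDrive.Name + ':'
try {
    $Volume = Get-BitLockerVolume -MountPoint $Drive -ErrorAction Stop
} catch {
    Write-Warning "Could not query $Drive (elevated prompt required?): $_"
    return
}

# One summary object; Protected = $false means local notes are readable
# by anyone who gets hold of the disk.
[pscustomobject]@{
    ProfilePath   = $ProfilePath
    Drive         = $Drive
    VolumeStatus  = $Volume.VolumeStatus
    Protection    = $Volume.ProtectionStatus
    PercentDone   = $Volume.EncryptionPercentage
    KeyProtectors = ($Volume.KeyProtector.KeyProtectorType -join ', ')
    Protected     = Test-VolumeProtected $Volume
}
```

If the Joplin profile was moved to another drive or an external disk, point `$ProfilePath` at that location so the check covers the volume where the notes really live.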